{"id":"https://openalex.org/W2013822603","doi":"https://doi.org/10.1145/2714576.2714593","title":"Enpublic Apps","display_name":"Enpublic Apps","publication_year":2015,"publication_date":"2015-04-03","ids":{"openalex":"https://openalex.org/W2013822603","doi":"https://doi.org/10.1145/2714576.2714593","mag":"2013822603"},"language":"en","primary_location":{"id":"doi:10.1145/2714576.2714593","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2714576.2714593","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009044173","display_name":"Min Zheng","orcid":"https://orcid.org/0000-0001-9751-1314"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Min Zheng","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112125138","display_name":"Hui Xue","orcid":"https://orcid.org/0009-0008-1662-7752"},"institutions":[{"id":"https://openalex.org/I4210128452","display_name":"FireEye (United States)","ror":"https://ror.org/03dnqre85","country_code":"US","type":"company","lineage":["https://openalex.org/I4210128452"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hui Xue","raw_affiliation_strings":["FireEye Inc., San Francisco, CA, USA"],"affiliations":[{"raw_affiliation_string":"FireEye Inc., San Francisco, CA, USA","institution_ids":["https://openalex.org/I4210128452"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100635548","display_name":"Yulong Zhang","orcid":"https://orcid.org/0000-0002-9857-8884"},"institutions":[{"id":"https://openalex.org/I4210128452","display_name":"FireEye (United States)","ror":"https://ror.org/03dnqre85","country_code":"US","type":"company","lineage":["https://openalex.org/I4210128452"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yulong Zhang","raw_affiliation_strings":["FireEye Inc., San Francisco, CA, USA"],"affiliations":[{"raw_affiliation_string":"FireEye Inc., San Francisco, CA, USA","institution_ids":["https://openalex.org/I4210128452"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102921233","display_name":"Tao Wei","orcid":"https://orcid.org/0000-0002-7086-8935"},"institutions":[{"id":"https://openalex.org/I4210128452","display_name":"FireEye (United States)","ror":"https://ror.org/03dnqre85","country_code":"US","type":"company","lineage":["https://openalex.org/I4210128452"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tao Wei","raw_affiliation_strings":["FireEye Inc., San Francisco, CA, USA"],"affiliations":[{"raw_affiliation_string":"FireEye Inc., San Francisco, CA, USA","institution_ids":["https://openalex.org/I4210128452"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5068489266","display_name":"John C. S. Lui","orcid":"https://orcid.org/0000-0001-7466-0384"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"John C.S. Lui","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5009044173"],"corresponding_institution_ids":["https://openalex.org/I177725633"],"apc_list":null,"apc_paid":null,"fwci":1.7231,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.84841418,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"463","last_page":"474"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9771000146865845,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9370999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6601327657699585}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6601327657699585}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2714576.2714593","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2714576.2714593","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1425914613","https://openalex.org/W1953670109","https://openalex.org/W2142145056","https://openalex.org/W2165269684","https://openalex.org/W2183938160","https://openalex.org/W2232411669","https://openalex.org/W2419566634","https://openalex.org/W2912675049","https://openalex.org/W4230500952"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W2478288626","https://openalex.org/W4391913857","https://openalex.org/W2350741829","https://openalex.org/W2530322880"],"abstract_inverted_index":{"Compared":[0],"with":[1,29],"Android,":[2],"the":[3,30,84,89,101,130,143,177,203,208],"conventional":[4],"wisdom":[5],"is":[6,9,107],"that":[7],"iOS":[8,17,102,125,168,224,237],"more":[10],"secure.":[11],"However,":[12],"both":[13],"jailbroken":[14],"and":[15,44,66,87,115,145,158,164,220,226,234],"non-jailbroken":[16],"devices":[18],"have":[19,70,228],"number":[20],"of":[21,39,147,176],"vulnerabilities.":[22,159],"For":[23],"iOS,":[24],"apps":[25,47,77,114,126,179,186,194],"need":[26],"to":[27,64,100,111,129],"interact":[28],"underlying":[31],"system":[32],"using":[33,52,132],"Application":[34],"Programming":[35],"Interfaces":[36],"(APIs).":[37],"Some":[38],"these":[40,113,124],"APIs":[41,81,118,216],"remain":[42],"undocumented":[43],"Apple":[45],"forbids":[46],"in":[48,205],"App":[49,85],"Store":[50,86],"from":[51],"them.":[53],"These":[54],"APIs,":[55,183],"also":[56],"known":[57],"as":[58,135],"\"private":[59],"APIs\",":[60],"provide":[61],"powerful":[62],"features":[63],"developers":[65],"yet":[67],"they":[68],"may":[69],"serious":[71],"security":[72,221],"consequences":[73],"if":[74],"misused.":[75],"Furthermore,":[76],"which":[78,127,149,217],"use":[79,88,181],"private":[80,117,155,182,215],"can":[82,150],"bypass":[83],"\"Apple's":[90],"Enterprise/Developer":[91],"Certificates\"":[92],"for":[93,236],"distribution.":[94],"This":[95],"poses":[96],"a":[97],"significant":[98],"threat":[99],"ecosystem.":[103],"So":[104],"far,":[105],"there":[106],"no":[108],"formal":[109],"study":[110],"understand":[112],"how":[116],"are":[119,218],"being":[120],"encapsulated.":[121],"We":[122,170],"call":[123],"distribute":[128],"public":[131],"enterprise":[133],"certificates":[134],"\"enpublic\"":[136,153],"apps.":[137,169],"In":[138,210],"this":[139],"paper,":[140],"we":[141,162,212,227],"present":[142],"design":[144],"implementation":[146],"iAnalytics,":[148,161],"automatically":[151],"analyze":[152],"apps'":[154],"API":[156],"usages":[157],"Using":[160],"crawled":[163],"analyzed":[165],"1,408":[166],"enpublic":[167,193],"discovered":[171],"that:":[172],"844":[173],"(60%)":[174],"out":[175],"1408":[178],"do":[180],"14":[184],"(1%)":[185],"contain":[187],"URL":[188],"scheme":[189],"vulnerabilities,":[190],"901":[191],"(64%)":[192],"transport":[195],"sensitive":[196,222],"information":[197,204],"through":[198],"unencrypted":[199],"channel":[200],"or":[201],"store":[202],"plaintext":[206],"on":[207,223],"phone.":[209],"addition,":[211],"summarized":[213],"25":[214],"crucial":[219],"6/7/8,":[225],"filed":[229],"one":[230],"CVE":[231],"(Common":[232],"Vulnerabilities":[233],"Exposures)":[235],"devices.":[238]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}